Re: simple chroot environment rc.d script

you're going to use null mounts. The most obvious issue is that a
full copy of /dev is provided to the application, when what you really

Well actually, it only creates the standards devices (MAKEDEV std), not
a full copy:
constty klog ksyms null stdin tty
console drum kmem mem stderr stdout zero
But I probbaly don't need all of these, null, zero and random should be
enough.

want to do is ensure the application has only the device nodes it
needs, on a read-only filesystem, and everything else accessible to
it mounted "nodev".